Why we invested in Backslash: Securing the future of AI-generated code

Earlier this year, we announced our investment in BACKSLASH SECURITY, leading its Series A round. Backslash is rethinking application security from the inside out. It is no longer just about what code is produced, but about the tools and configurations used to produce it. The platform enables enterprises to gain insight into which IDEs and agentic AI coding assistants developers use, which MCP servers are used, and which underlying models are in play.

This investment sits against one of the defining technological shifts of our time. Artificial intelligence is not only changing how we use software, it is changing how we build it.

The rise of AI coding assistants

In just a few years, AI has become indispensable to software development. According to Gartner’s latest report on strategic trends in software engineering for 2025, 90% of enterprise software engineers will use AI code assistants by 2028, up from less than 14% in early 2024.

At the same time, the ecosystem around these tools has expanded rapidly, with more than 15,000 unique MCPs and over 100,000 skills now available. A single misconfiguration or malicious prompt can introduce a security vulnerability.

New releases such as Claude Code Security provide developers with additional intelligence to help ensure the code they produce is secure. But for CISOs, the challenge runs deeper. The real issue is not only the quality of the output, but the visibility into the tools, models and integrations developers rely on. Without fit-for-purpose security tooling, security teams are left struggling to keep pace with a fast-evolving attack surface.

The cybersecurity talent gap

At the same time, the industry faces an acute cybersecurity talent shortage. 83% of executives cite workforce limitations as a significant barrier to maintaining a secure posture, and only a third of organisations report having a mature cybersecurity strategy in place.

Security teams are overwhelmed by the speed of change. Every week introduces new tools, features and integrations that boost developer productivity while expanding the attack surface. Monitoring and securing developer environments has become a continuous struggle. Security leaders increasingly agree that AI is fundamentally reshaping how software is built, and that organisations need visibility into the tools developers are using across the business.

Regulation is rewriting the rules.

Regulation adds further urgency. The EU’s revised Product Liability Directive, adopted in October 2024 and taking effect in December 2026, marks a structural shift in software accountability.

For the first time, software, AI systems and digital services fall under strict no-fault liability rules. Companies can be held liable for software defects regardless of negligence, with cybersecurity failures explicitly recognised as product defects.

Security is therefore no longer a best practice but a business requirement. Enterprises are actively seeking tools that reduce risk and provide audit-ready evidence of diligence in order to defend against liability claims.

Hidden attack surfaces - the reality of modern software development

BACKSLASH’s founders, Shahar, Yossi and Rani, recognised this convergence early.

With decades of experience building and scaling cybersecurity companies, they understood that traditional approaches to monitoring developer environments were no longer sufficient. Their insight was straightforward: security tools must think like developers, not like auditors.

BACKSLASH provides visibility and protection across AI-powered IDEs and emerging attack surfaces that traditional AppSec tools cannot see and that generalist AI security solutions lack the context to understand. The platform enables security teams to harden environments, enforce governance, monitor for malicious behaviour such as data exfiltration and prompt injection, and block threats when necessary.

Why it matters

AI developer tools are here to stay. Without the right controls, productivity gains will come at the expense of resilience. Enterprises need a scalable way to secure this new layer of software creation.

BACKSLASH bridges that gap. Over the past three years, Shahar, Yossi and Rani have built the platform with the precision and conviction that define leading cybersecurity founders. They are building a new security category at the intersection of AI, developer tooling and governance.

Cybersecurity will be one of the defining sectors of the next decade. As AI reshapes how software is written and regulation raises the bar for accountability, security must move from reactive to proactive.

BACKSLASH embodies the duality we look for at KOMPAS: technical depth paired with commercial clarity. Their technology does not simply respond to new risks, it anticipates them.

We are proud to support Shahar, Yossi, Rani and the entire BACKSLASH team as they redefine how enterprises secure the future of software development worldwide.

--

written by Nick Gosen (Principal) and Talia Rafaeli (Partner) at KOMPAS VC